Date: Mon, 3 Jul 2000 11:53:21 +0300 From: Alex Popa <razor@ldc.ro> To: freebsd-security@freebsd.org Subject: securing the boot process (again?!?) Message-ID: <20000703115320.A341@ldc.ro>
next in thread | raw e-mail | index | archive | help
I have been trying to secure (a bit) the boot process of a 4.0-STABLE machine that is located in a public place. I need to use the floppy disk, but if I disable it from the BIOS I get no access to it under FreeBSD. So I set the boot sequence to "C only" but if I press space while the initial hyphen is displayed i get a prompt with no password being requested. (Note I have set a password in /boot/loader.conf, and set the console to "insecure" in /etc/ttys) The problem is I can boot any kernel or loader, including a kernel off the floppy drive [just type fd(0,a)/evilkernel at the prompt]. From there to a setuid(12345) that yields uid=0 (patched kernel, remember?) is just a small step. Any ideas for further improvement of the boot process security? Note: I have used the "Dangerously dedicated" option when installing. Thanks alot, Alex. ------------+------------------------------------------ Alex Popa, |There never was a good war or a bad peace razor@ldc.ro| -- B. Franklin ------------+------------------------------------------ "It took the computing power of three C-64s to fly to the Moon. It takes a 486 to run Windows 95. Something is wrong here." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000703115320.A341>